CVE-2023-23800

7.1 HIGH

📋 TL;DR

This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in the WordPress Shortcodes Ultimate plugin. An attacker who can get a crafted shortcode rendered can make the WordPress host issue HTTP requests to destinations of the attacker's choosing, including internal services and cloud metadata endpoints that are reachable only from the server's network position. All WordPress sites running an affected version of this plugin are at risk.

💻 Affected Systems

Products:
  • WordPress Shortcodes Ultimate plugin
Versions: All versions up to and including 5.12.6
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress installation with the vulnerable plugin active.

📦 What is this software?

Shortcodes Ultimate is a widely installed WordPress plugin that adds a library of shortcodes for inserting content elements (buttons, boxes, tabs, sliders, embedded media and similar) into posts and pages. Because shortcode attributes are supplied by whoever writes the content, a shortcode that fetches a URL without validating it gives the content author a request-forgery primitive on the server.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could reach internal services that trust the web server's network position (admin interfaces, databases, caches, and cloud instance metadata endpoints such as 169.254.169.254), port-scan the internal network, chain into exploitation of those services, or use the server as a proxy for attacks on third-party targets.

🟠 Likely Case

Information disclosure from internal services, scanning of internal networks, or limited data exfiltration.

🟢 If Mitigated

With network segmentation and egress filtering in place, impact is limited to information disclosure from whatever internal services the web server is still allowed to reach.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SSRF vulnerabilities typically have low exploitation complexity once the vulnerable endpoint is identified. Note that WordPress evaluates shortcodes when it renders post or page content, so in a default installation triggering a vulnerable shortcode requires an account that can create or preview content, unless a theme or plugin runs do_shortcode() on untrusted input such as comments. Read the "Unauthenticated" rating above with that in mind and check the vendor advisory for the privilege level it states.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.12.7 or later

Vendor Advisory: https://patchstack.com/database/vulnerability/shortcodes-ultimate/wordpress-shortcodes-ultimate-plugin-5-12-6-server-side-request-forgery-ssrf-vulnerability?_s_id=cve

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find 'Shortcodes Ultimate' and check for updates.
4. Update to version 5.12.7 or later.
5. If auto-update is not available, download the plugin from WordPress.org and update manually.

🔧 Temporary Workarounds

Disable vulnerable shortcodes (applies to: all affected versions)

Identify and disable the specific shortcodes that trigger the SSRF. This page does not name the affected shortcode(s); unless you can confirm which ones are affected from the vendor's changelog, disabling the whole plugin (see below) is the only workaround that is certain to close the hole.

Web Application Firewall rules (applies to: all affected versions)

Implement WAF rules that block SSRF patterns in requests to WordPress, such as shortcode attributes carrying URLs that point at loopback, RFC 1918, link-local (169.254.0.0/16) or cloud metadata addresses, including decimal, octal and hex encodings of those addresses. Treat this as a stopgap: request-body WAF rules are routinely bypassed with alternate encodings, attacker-controlled hostnames and DNS-based redirection.

🧯 If You Can't Patch

  • Disable the Shortcodes Ultimate plugin entirely until patched
  • Implement strict egress filtering from the web server: deny outbound connections from the web tier to loopback, RFC 1918 ranges, link-local space (including the cloud metadata address 169.254.169.254) and any internal service the site does not need, and allow-list only the external destinations it does need (update servers, mail, payment or CDN APIs)

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin → Plugins → Installed Plugins for the Shortcodes Ultimate version. If the version is 5.12.6 or earlier, you are vulnerable. The plugin must be active for the shortcode to be reachable, but an inactive vulnerable copy should still be updated or removed, since it is one click away from being re-enabled.

Check Version:

wp plugin list --name=shortcodes-ultimate --field=version

Verify Fix Applied:

After updating, verify the plugin version shows 5.12.7 or later in WordPress admin.
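Checking the plugin version by hand does not scale across many sites. The following Python script is an added example (not from the advisory or the plugin) that reads the JSON printed by `wp plugin list --format=json` for each site and flags installs at or below 5.12.6, active or not. The per-site JSON below is constructed sample output, the hostnames are placeholders, and the WP-CLI field names assumed are name, status and version.

```python
"""Fleet check for CVE-2023-23800 (Shortcodes Ultimate SSRF, fixed in 5.12.7).

Added example, not code from the advisory or the plugin. Input is the JSON
printed by `wp plugin list --format=json`; the field names used here (name,
status, version) are those WP-CLI emits. The sample output below is constructed.
"""
import json
import re

PLUGIN_SLUG = "shortcodes-ultimate"
FIRST_FIXED = (5, 12, 7)  # advisory: 5.12.7 or later is patched


def parse_version(version):
    """Map '5.12.6' to (5, 12, 6). Comparing version strings lexically ranks
    '5.9' above '5.12'; integer tuples compare correctly. Pre-release tags
    ('5.12.7-beta1') are ignored, so a 5.12.7 pre-release counts as fixed."""
    parts = [int(n) for n in re.findall(r"\d+", version)[:3]]
    if not parts:
        raise ValueError(f"unparseable version: {version!r}")
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)


def is_vulnerable(version):
    return parse_version(version) < FIRST_FIXED


def assess_site(wp_cli_json):
    """Summarise one site's plugin list as a dict."""
    for plugin in json.loads(wp_cli_json):
        if plugin.get("name") == PLUGIN_SLUG:
            return {
                "installed": True,
                "active": plugin.get("status") == "active",
                "version": plugin["version"],
                "vulnerable": is_vulnerable(plugin["version"]),
            }
    return {"installed": False, "active": False, "version": None, "vulnerable": False}


def assess_fleet(sites):
    """sites: {hostname: wp-cli JSON string}. Returns {hostname: assessment}."""
    return {host: assess_site(output) for host, output in sites.items()}


def needs_action(fleet):
    """Hostnames still carrying a vulnerable copy, active or not: an inactive
    plugin is one click from active, so it gets patched or removed as well."""
    return sorted(host for host, a in fleet.items() if a["vulnerable"])


# Constructed sample: what `wp plugin list --format=json` might print per site.
SAMPLE_SITES = {
    "blog.example": (
        '[{"name":"akismet","status":"active","update":"none","version":"5.1"},'
        '{"name":"shortcodes-ultimate","status":"active","update":"available","version":"5.12.6"}]'
    ),
    "shop.example": '[{"name":"shortcodes-ultimate","status":"inactive","update":"none","version":"5.12.7"}]',
    "legacy.example": '[{"name":"shortcodes-ultimate","status":"inactive","update":"available","version":"5.9"}]',
    "docs.example": '[{"name":"akismet","status":"active","update":"none","version":"5.1"}]',
}

if __name__ == "__main__":
    fleet = assess_fleet(SAMPLE_SITES)
    for host, a in fleet.items():
        print(f"{host:16} installed={a['installed']} active={a['active']} "
              f"version={a['version']} vulnerable={a['vulnerable']}")
    print("needs action:", needs_action(fleet))
```

In practice, feed `assess_fleet` the real output of `wp plugin list --format=json` collected from each site (over SSH or a management tool); the version tuple comparison is the part worth keeping, since a plain string comparison would wrongly report 5.9 as newer than 5.12.7.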

📡 Detection & Monitoring

Log Indicators:

  • Outbound HTTP requests from the web server to internal IPs, loopback or the cloud metadata address (169.254.169.254); these appear in egress firewall, proxy or host connection logs, not in the WordPress access log
  • Post or page content saved by low-privilege accounts that contains shortcode attributes with URLs pointing at internal addresses (search the stored content in the database; the access log does not carry request bodies)

Network Indicators:

  • Web server making unexpected HTTP requests to internal network ranges
  • Port scanning activity originating from web server

SIEM Query:

Run this against egress firewall or proxy logs, where the web server is the source; WordPress access logs record only the inbound trigger, not the outbound request the server then makes:

source="egress_firewall_logs" AND src_ip IN web_server_ips AND (dest_ip IN private_ranges OR dest_ip="127.0.0.1" OR dest_ip="169.254.169.254") GROUP BY src_ip, dest_ip COUNT DISTINCT dest_port
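To make the indicators above concrete, the following Python script is an added example (not from the page or any vendor tool) that runs the detection over egress firewall log lines: it flags connections from the web tier to non-global address space and a port-scan pattern (many distinct destination ports on one internal host inside a short window). The log line format, the web-server address 10.0.1.5 and every sample line are constructed for this example.

```python
"""Detection for the SSRF indicators above, run over egress firewall log lines.

Added example, not from the page or any vendor tool. The log format, the web
server address and every sample line are constructed for this example.
"""
import ipaddress
import re
from collections import defaultdict
from datetime import datetime

# Assumption: egress addresses of the web tier. Take these from inventory.
WEB_SERVERS = {"10.0.1.5"}
# A web server touching this many distinct ports on one host in the window
# looks like the port scan named under Network Indicators.
SCAN_DISTINCT_PORTS = 5
SCAN_WINDOW_SECONDS = 60

# Constructed line format: <iso8601> src=<ip> dst=<ip> dport=<n> proto=<p> action=<a>
LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+) "
    r"proto=(?P<proto>\w+) action=(?P<action>\w+)$"
)


def parse_line(line):
    """Return a dict for one log line, or None if it does not match the format."""
    match = LINE_RE.match(line.strip())
    if not match:
        return None
    event = match.groupdict()
    event["ts"] = datetime.fromisoformat(event["ts"].replace("Z", "+00:00"))
    event["dport"] = int(event["dport"])
    return event


def is_internal_target(dst):
    """True for loopback, RFC 1918, link-local (including the 169.254.169.254
    cloud metadata address), shared address space and other non-global ranges.
    A hostname is not judged here; resolve it first or correlate with DNS logs."""
    try:
        return not ipaddress.ip_address(dst).is_global
    except ValueError:
        return False


def analyse(lines):
    """Return (internal_hits, scans).

    internal_hits: events where a web server connected to non-global space
                   (the SSRF indicator; legitimate backends such as the site's
                   own database should be allow-listed before alerting).
    scans:         (src, dst) pairs where a web server reached at least
                   SCAN_DISTINCT_PORTS distinct ports within SCAN_WINDOW_SECONDS.
    """
    internal_hits = []
    per_pair = defaultdict(list)
    for line in lines:
        event = parse_line(line)
        if event is None or event["src"] not in WEB_SERVERS:
            continue
        if is_internal_target(event["dst"]):
            internal_hits.append(event)
        per_pair[(event["src"], event["dst"])].append((event["ts"], event["dport"]))

    scans = []
    for pair, events in per_pair.items():
        events.sort()
        start = 0
        for end in range(len(events)):  # sliding window over time-ordered events
            while (events[end][0] - events[start][0]).total_seconds() > SCAN_WINDOW_SECONDS:
                start += 1
            if len({port for _, port in events[start:end + 1]}) >= SCAN_DISTINCT_PORTS:
                scans.append(pair)
                break
    return internal_hits, scans


# Constructed sample: the web server fetches a public site, then probes the
# metadata endpoint, sweeps an internal host and hits a local memcached port;
# 10.0.1.9 is not a web server and is ignored. Denied connections still count:
# the attempt is the signal.
SAMPLE_LOG = """\
2024-03-01T10:00:01Z src=10.0.1.5 dst=93.184.216.34 dport=443 proto=tcp action=allow
2024-03-01T10:00:02Z src=10.0.1.5 dst=169.254.169.254 dport=80 proto=tcp action=allow
2024-03-01T10:00:03Z src=10.0.1.5 dst=10.0.2.10 dport=22 proto=tcp action=deny
2024-03-01T10:00:04Z src=10.0.1.5 dst=10.0.2.10 dport=80 proto=tcp action=deny
2024-03-01T10:00:05Z src=10.0.1.5 dst=10.0.2.10 dport=3306 proto=tcp action=allow
2024-03-01T10:00:06Z src=10.0.1.5 dst=10.0.2.10 dport=6379 proto=tcp action=deny
2024-03-01T10:00:07Z src=10.0.1.5 dst=10.0.2.10 dport=8080 proto=tcp action=deny
2024-03-01T10:00:08Z src=10.0.1.9 dst=127.0.0.1 dport=9000 proto=tcp action=allow
2024-03-01T10:00:09Z src=10.0.1.5 dst=127.0.0.1 dport=11211 proto=tcp action=allow
"""

if __name__ == "__main__":
    hits, scans = analyse(SAMPLE_LOG.splitlines())
    for event in hits:
        print(f"SSRF indicator: {event['src']} -> {event['dst']}:{event['dport']} ({event['action']})")
    for src, dst in scans:
        print(f"port scan pattern: {src} -> {dst}")
```

Before turning this into an alert, allow-list the internal destinations the web tier legitimately uses (its database, cache and mail relay); what remains, and in particular any contact with 169.254.169.254, is worth paging on.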
